rbd: add additional space for encrypted volumes

[iPraveenParihar]

Describe what this PR does

rbd: add additional space for encrypted volumes

issue: when a block-mode pvc is created with encryption enabled
there is some space reserved for the encryption metadata.
Which doesn't allows users to write extact amount of data that
they have requested for.

solution: create pvc with extra space needed for the encryption
metadata. GetLuksHeaderSize() function returns the luks2
encryption metadata(header size).

Related issues

Fixes: #issue_number

Checklist:

• Commit Message Formatting: Commit titles and messages follow guidelines in the developer guide.
• Reviewed the developer guide on Submitting a Pull Request
• Pending release notes updated with breaking and/or notable changes for the next major release.
• Documentation has been updated, if necessary.
• Unit tests have been added, if necessary.
• Integration tests have been added, if necessary.

---

Show available bot commands

These commands are normally not required, but in case of issues, leave any of
the following bot commands in an otherwise empty comment in this PR:

• /retest ci/centos/<job-name>: retest the <job-name> after unrelated
  failure (please report the failure too!)

[iPraveenParihar]

minikube testing,

Created a 1GiB block-mode pvc, and then expanded to 2GiB

[pm@dhcp53-176 ceph-csi]$ k get pvc
NAME            STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
raw-block-pvc   Bound    pvc-5d6e808b-5f9c-474b-94a7-ce0f20725048   1Gi        RWO            rbd-sc         7m33s
[pm@dhcp53-176 ceph-csi]$ k exec rook-direct-mount-6b8f99f786-q5qfm -- rbd info replicapool/csi-vol-7c440f1f-35f0-4708-84b5-1d4055c0cc32 --format json | jq
{
  "name": "csi-vol-6feb9874-b24d-4bb7-9b4b-f51732e79708",
  "id": "bceddf10f522a",
  "size": 1090519040,   // --> 1GiB + 16MiB
  "objects": 260,
  "order": 22,
  "object_size": 4194304,
  "snapshot_count": 0,
  "block_name_prefix": "rbd_data.bceddf10f522a",
  "format": 2,
  "features": [
    "layering"
  ],
  "op_features": [],
  "flags": [],
  "create_timestamp": "Wed Apr 24 07:01:43 2024",
  "access_timestamp": "Wed Apr 24 07:01:43 2024",
  "modify_timestamp": "Wed Apr 24 07:01:43 2024"
}



[pm@dhcp53-176 examples]$ k get pvc
NAME            STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
raw-block-pvc   Bound    pvc-5d6e808b-5f9c-474b-94a7-ce0f20725048   2Gi        RWO            rbd-sc         15m
[pm@dhcp53-176 examples]$ k exec rook-direct-mount-6b8f99f786-q5qfm -- rbd info replicapool/csi-vol-7c440f1f-35f0-4708-84b5-1d4055c0cc32 --format json | jq
{
  "name": "csi-vol-7c440f1f-35f0-4708-84b5-1d4055c0cc32",
  "id": "bcedd5fa1dd89",
  "size": 2164260864,   // --> 2GiB + 16MiB
  "objects": 516,
  "order": 22,
  "object_size": 4194304,
  "snapshot_count": 0,
  "block_name_prefix": "rbd_data.bcedd5fa1dd89",
  "format": 2,
  "features": [
    "layering"
  ],
  "op_features": [],
  "flags": [],
  "create_timestamp": "Wed Apr 24 07:23:07 2024",
  "access_timestamp": "Wed Apr 24 07:23:07 2024",
  "modify_timestamp": "Wed Apr 24 07:23:07 2024"
}

[Madhu-1]

Add E2E checks new size.

[iPraveenParihar]

/test ci/centos/mini-e2e-helm/k8s-1.28

[iPraveenParihar]

/test ci/centos/mini-e2e-helm/k8s-1.28

[iPraveenParihar]

/test ci/centos/mini-e2e-helm/k8s-1.28

[nixpanic]

@Mergifyio rebase

This causes a run of the GitHub CI jobs. Logs for ci/centos/mini-e2e-helm/k8s-1.28 show that e2e passed earlier.

[mergify]

rebase

✅ Branch has been successfully rebased

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.28

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29/test_type-rbd

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29/test_type-rbd

@karthik-us, is this the correct command to run rbd tests?
its not working for me with above command.

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29

[Madhu-1]

check if helper is having any menthods to parse string and convert it to in that avoid bugs or else we need to remember that we need to change size in two places.

[Madhu-1]

add the resize to above test case, lets not create the PVC and pod again

[Madhu-1]

return pvc name /image name which helps in debugging

[Madhu-1]

return uint64 from here, we dont need to convert int64 to uint64 in multiple places

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29

[Madhu-1]

it should be err==nil not the other way isn't it?

[iPraveenParihar]

😀yea, missed it
Thanks!

[Madhu-1]

Add unit testing for this helper?

[Madhu-1]

please add unit test for it.

[iPraveenParihar]

/test ci/centos/mini-e2e/k8s-1.29

[Rakshith-R]

Check snapshot process and size of created snapshot too in the same flow since we had a problem with restore?

[Madhu-1]

labelKey:="app"
labelVal:= "rbd-pod-block-encrypted"
app.Labels = map[string]string{labelKey:labelVal}

opt := metav1.ListOptions{
	LabelSelector: fmt.Sprintf("%s=%s",labelKey,labelVal)
}

using like above is less error prone, if we check it in one place we don't need to change it in other place

[Madhu-1]

please add E2E for PVC-PVC clone and snapshot restore as well

[Madhu-1]

can we use uint64 here?

[Madhu-1]

please add unit test for it.